General

  • Target

    2024-03-08_f46e57192dae06f42dfb54438ac3ef96_cryptolocker

  • Size

    30KB

  • Sample

    240308-jksztabc4x

  • MD5

    f46e57192dae06f42dfb54438ac3ef96

  • SHA1

    e09e1941b06cbd8717dc0831dcd475e5e3812f9e

  • SHA256

    7d477c89d4f2d5e18fe87325fe2417514e315dd42f3777f29b1d836569a028d9

  • SHA512

    d13676e9178394bc159e40e9eaf2896acbb392bbfa30de1b8b1373ac28d20e1456fa0e2eed04528dbc9b323d0ff631fb9f9d3085705be0f2db66daf4385cb979

  • SSDEEP

    768:q0ZziOWwULueOSdE8tOOtEvwDpjeWaJIO/xOcsTj:q0zizzOSxMOtEvwDpj/arMHTj

Score
10/10

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
